Good Day !
Is there a way to drop connection for those new dynamic leases ?
tia..
yes, block address pool on firewallGood Day !
Is there a way to drop connection for those new dynamic leases ?
tia..
thank you..
it seems i cannot find Address Pool in Filter Rules.
i can drop specific addresses but i cant find address pool .
/ip pool
add name=".204 DHCP pool" ranges=192.168.204.100-192.168.204.109
add name=".209 DHCP pool" ranges=192.168.209.100-192.168.209.109
/ip pool
add name="3-24 DHCP pool" ranges=192.168.89.3-192.168.204.24
add name="25-254 DHCP pool" ranges=192.168.89.25-192.168.209.254
/ip firewall address-list
add address=192.168.89.3-192.168.209.24 comment="3-24 DHCP pool" list=3-24 DHCP pool
/ip firewall filter
add action=drop chain=forward in-interface=ether1 src-address-list=3-24 DHCP pool
/ip firewall address-list
add list="list blocked DHCP pools" address=192.168.204.100-192.168.204.109 comment="block .204 DHCP pool"
add list="list blocked DHCP pools" address=192.168.209.100-192.168.209.109 comment="block .209 DHCP pool"
/ip firewall raw
add chain=prerouting src-address-list="list blocked DHCP pools" action=drop comment="block DHCP pools"
OMG it really works...>3-24 DHCP pool< must be quoted: "3-24 DHCP pool"
but the right way is like:
Code: Select all/ip firewall address-list add list="list blocked DHCP pools" address=192.168.204.100-192.168.204.109 comment="block .204 DHCP pool" add list="list blocked DHCP pools" address=192.168.209.100-192.168.209.109 comment="block .209 DHCP pool" /ip firewall raw add chain=prerouting src-address-list="list blocked DHCP pools" action=drop comment="block DHCP pools"